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CLAIMS 

We I claim: 

1. A method for secure routing of information and addressing of a service 
and of parties to the service in a telecommunication system that includes a telecommunication 

5 terminal, a telecommunication network, a service provider connected to the telecommunication 
network, a service apparatus connected to the telecommunication network for mediating the 
service, and a communication link connecting the telecommunication terminal and the service 
apparatus, said method comprising the steps of: 

3 providing the telecommunication terminal with a terminal-specific unambiguous 

$0 identifier; 

^ addressing the service apparatus from the telecommunication terminal by 

* sending a predetermined connection setup request from the telecommunication terminal to the 

a service apparatus; 

3 providing at least one of the service apparatus and the service mediated by the 

15 service apparatus with a service-specific unambiguous identifier associated with predetermined 

keys for at least one of encryption and digital signing; and 

sending one of a network address of the service provider and information 

relating to the mediated service from the telecommunication terminal to the service apparatus 

via the communication link. 

20 
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2. A method in accordance with claim 1, wherein the service apparatus is 
addressed from the telecommunication terminal by sending the predetermined connection setup 
request from the telecommunication terminal to the service apparatus via the communication 
link. 

5 

3. A method in accordance with claim 1, further comprising the step of one 
of encrypting and digitally signing information sent from the telecommunication terminal using 

n the keys associated with the service-specific unambiguous identifier, and wherein said sending 
g step comprises sending the one of encrypted and digitally signed information from the 
10 telecommunication terminal to the service provider using an address determined by the 

. s 

^ telecommunication terminal. 

i § 

3 

I 4. A method in accordance with claim 1, wherein the service apparatus is 

3 controlled based on information sent by the service provider. 

15 

5. A method in accordance with claim 1, further comprising the step of 
sending, from the service provider to one of the service apparatus and the telecommunication 
terminal, a confirmation message. 

20 6. A method in accordance with claim 1, further comprising the step of 

sending, from the service provider to one of the service apparatus and the telecommunication 
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terminal, a confirmation message confirming a service transaction if a predetermined condition 
has been fulfilled. 

7. A method in accordance with claim 1, further comprising the step of 
sending, from the service provider to one of the service apparatus and the telecommunication 
terminal, an SMS message confirming a service transaction. 

8. A method in accordance with claim 1, wherein a service request from the 
telecommunication terminal is accepted only after the service apparatus has received from the 
service provider a confirmation code for a requested service transaction. 

9. A method in accordance with claim 1, wherein the communication link 
comprises a Bluetooth communication connection. 

10. A method in accordance with claim 1, wherein the communication link 
comprises an infrared communication connection. 

11. A method in accordance with claim 1, wherein the communication link is 

encrypted. 
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12. . A method in accordance with claim 1, farther comprising the step of 
using a public-private key encryption system for one of encrypting and digitally signing 
information exchanged between at least two of the telecommunication terminal, the service 
apparatus and the service provider. 

5 

13. A method in accordance with claim 1, wherein WAP is used in 
communications between the telecommunication terminal and one of the service apparatus and 
the service provider. 

}Q 14. A method in accordance with claim 1, wherein the service provider 

,1 communicates with a trusted third party that maintains a database containing one of encryption 

ry and digital signing keys associated with the unambiguous identifiers. 

\ t i 15. A method in accordance with claim 1, further comprising the step of 

1§& sending a request, from one of the service provider and the service apparatus to a trusted third 
party that maintains a database containing one of encryption and digital signing keys associated 
with the unambiguous identifiers, a request for the keys. 

16. A method in accordance with claim 1, wherein the network address is an 

20 IP address. 
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17. In a telecommunication system that includes a telecommunication 
terminal, a telecommunication network, a service provider connected to the telecommunication 
network, a service apparatus connected to the telecommunication network for mediating a 
service, and a communication link connecting the telecommunication terminal and the service 

5 apparatus, the improvement comprising a system for secure routing of information and 
addressing of the service and of parties to the service, said system comprising: 

means for providing the telecommunication terminal with a terminal-specific 
unambiguous identifier; 

u3 means for addressing the service apparatus from the telecommunication terminal 

T : (P by sending a predetermined connection setup string from the telecommunication terminal to the 
; V 1 service apparatus; 

means for providing at least one of the service apparatus and the service 

.S S3; 

Q mediated by the service apparatus with a service-specific unambiguous identifier associated 
^ with predetermined keys for at least one of encryption and digital signing; and 
15 s ' means for sending one of a network address of the service provider and 

information relating to the mediated service from the telecommunication terminal to the service 
apparatus via the communication link. 

18. The system of claim 17, further comprising means for addressing the 
20 service apparatus from the telecommunication terminal by sending the predetermined 
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connection setup request from the telecommunication terminal to the service apparatus via the 
communication link. 

19. The service of claim 17, further comprising: 
5 means for at least one of encrypting a digitally signing information sent from the 

telecommunication terminal using the keys associated with the service-specific unambiguous 
identifier; and 

means for sending the at least one of encrypted and digitally signed information over 
u J the telecommunication network to a network address determined by one of the 

10 * telecommunication terminal and the service apparatus. 

■a y 

□ 20. The system of claim 17, further comprising means for controlling the 

M: service apparatus based on information sent by the service provider. 

15 21. The system of claim 17, further comprising means for sending, from the 

service provider to one of the service apparatus and the telecommunication terminal, a 
confirmation message. 

22. The system of claim 17, further comprising means for sending, from the 
20 service provider to one of the service apparatus and the telecommunication terminal, a 
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confirmation message confirming a service transaction if a predetermined condition has been 
fulfilled. 

23. The system of claim 17, farther comprising means for only accepting a 
service request from the telecommunication terminal after the service apparatus has received 
from the service provider a confirmation code for a requested service transaction. 

24. The system of claim 17, further comprising means for encrypting the 
communication link. 

25. The system of claim 17, further comprising a trusted third party that 
communicates with one of the service apparatus and the service provider over the 
telecommunication network. 

26. The system of claim 17, wherein one of the service provider and the 
service apparatus comprises means for sending to a trusted third party a request for the one of 
the encryption and digital signing keys associated with the unambiguous identifier. 

27. The system of claim 17, wherein the telecommunication terminal 
comprises a mobile station having a connected subscriber identity module. 
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28. The system of claim 17, wherein the service apparatus comprises an 
automated teller machine. 

29. The system of claim 17, wherein the service apparatus comprises a cash 
register system. 

30. The system of claim 17, wherein the service apparatus comprises a 

computer. 

31. The system of claim 17, wherein the service apparatus comprises an 
automated service machine. 

32. The system of claim 17, wherein the telecommunication network 
comprises the Internet. 

33. The system of claim 17, wherein the telecommunication network 
comprises a bank payment network. 
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